updated 09:54 am EDT, Thu March 21, 2013

Modular malware

A new Mac trojan is inserting ads into Safari, Chrome, and Firefox, says a Russian security firm, Doctor Web. Nicknamed "Trojan.Yontoo.1," the malware is so far being distributed through movie trailer pages, which prompt people to download a browser plugin, a media player, a video enhancer, or a download accelerator. When launched, the malware asks to be installed under a name such as "Free Twit Tube."

In reality the installer inserts a plugin into the aforementioned browsers, which transmits data about the websites a person visits to a remote server, and inserts ads into places in sites where they wouldn't otherwise exist. Visiting the official Apple page for the iPad mini, for instance, may trigger an ad for unrealistically low iPad discounts. Doctor Web notes that the attackers could potentially swap out the plugin for different or updated code.

The malware is targeting Windows systems as well, but Doctor Web comments that hackers are increasingly targeting Mac owners, and that such ad schemes generate money regardless of the platform they're on. The hackers likely receive money for each ad impression, and more if a person actually clicks on an ad. There doesn't appear to be any defense against the trojan in OS X at the moment, short of rejecting the installation; Apple may, however, be able to create a safeguard by updating the OS' blacklist.

Thumbnail?

Why is there a thumbnail on the main page but no picture in the full story? Does the thumbnail have anything to do with the story? Why not include the picture in the full story if it includes some important information, like to compare if you think you're infected? When I click on the full story all I see is an advertisement where I might expect to see the associated picture.